Privacy Policy
Mia's Fiduciary Services
Effective Date: May 1, 2026
Last Updated: April 28, 2026
1. Introduction
Mia's Fiduciary Services ("we," "us," or "our") is a professional fiduciary business located in San Leandro, California. We are committed to maintaining the highest standards of confidentiality and protecting the privacy of our clients, beneficiaries, and website visitors.
This Privacy Policy explains how we collect, use, disclose, and safeguard your Personal Information (PI), Sensitive Personal Information (SPI), and Nonpublic Personal Information (NPI) in accordance with the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the California Online Privacy Protection Act (CalOPPA), the Gramm-Leach-Bliley Act (GLBA), the California Financial Information Privacy Act (CalFIPA), the California Probate Code, applicable federal laws (including alignment with HIPAA standards where relevant), the California Confidentiality of Medical Information Act (CMIA), the Professional Fiduciaries Act, Title 16 of the California Code of Regulations, and telecommunications regulations.
Our Core Privacy Principle: Mia's Fiduciary Services does not sell your Personal Information. We do not share your information for marketing purposes. Your information is only shared when absolutely necessary to execute our legally bound fiduciary duties on your behalf, or as mandated by law and court order.
2. Information We Collect
To provide comprehensive fiduciary, conservatorship, estate, and healthcare management services, we must collect varying types of information. The categories of information we may collect include, but are not limited to:
- Identifiers: Real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, Social Security Number (SSN), driver's license number, passport number, or other similar identifiers.
- Audio, Electronic, or Visual Information: Voice recordings (such as recorded telephone calls for record-keeping and administrative accuracy), digital communications, secure client portal access logs, and records of digital file transfers or secure document access.
- Sensitive Personal Information (SPI): Financial account credentials, debit/credit card numbers in combination with security codes, precise geolocation, racial or ethnic origin, religious beliefs, union membership, genetic data, biometric data, and health/medical information.
- Professional or Employment-Related Information: Current or past employment history, pension and retirement account details, disability benefits, and workers' compensation records necessary for income management, benefits administration, and tax preparation.
- Financial & Tax Information: Bank statements, tax returns, investment portfolios, deeds, and asset valuations necessary for estate management, trust administration, or bill payment.
- Beneficiary and Third-Party Information: Names, contact details, demographic data, and identifying information of your designated heirs, dependents, beneficiaries, or emergency contacts as required to execute estate plans and trust distributions.
- Protected Health Information (PHI): Medical records, healthcare directives, insurance claims, and physician communications necessary for managing medical care and executing healthcare powers of attorney.
- Commercial Information: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Government Records & Open Source Intelligence (OSINT): Information lawfully made available to the general public from government registries and widely distributed media. This includes, but is not limited to, property records, professional licensing boards, corporate filings, civil and criminal dockets, and probate filings.
- Internet or Electronic Network Activity: Information regarding your interaction with our website, electronic newsletters, or secure client portals, including browsing history, search history, and session data.
Note: We collect information directly from you, from third parties you authorize (such as your healthcare providers, legal counsel, or financial institutions), from publicly available sources (such as government registries, court records, public databases, and widely distributed media), and automatically through standard website interactions.
3. How We Use Your Information
We use the information we collect strictly for professional and legally mandated purposes, including, but not limited to:
- Evaluating potential engagements during the client intake process, including conducting conflict-of-interest checks and assessing the scope of required or requested fiduciary services.
- Fulfilling our obligations as a Trustee, Executor, Conservator, Agent under Power of Attorney, or in other fiduciary capacities (e.g., locating, identifying, and verifying the ownership of assets or liabilities).
- Facilitating internal business administration, including auditing work productivity, managing time-tracking logs, and processing accurate billing for fiduciary services rendered.
- Managing daily financial affairs, including paying bills, managing real estate, and preparing tax returns.
- Coordinating medical care, interfacing with medical providers, and ensuring adherence to healthcare directives.
- Filing necessary documentation with local, state, or federal courts, tax authorities, and government agencies (e.g., MediCal, Social Security Administration, VA).
- Communicating with you regarding your account, services, or legal proceedings.
- Maintaining the security and integrity of our digital infrastructure, including authenticating secure access protocols, monitoring network traffic to prevent unauthorized access, and debugging technical issues.
- Verifying your identity and the accuracy of information provided to us.
- Preventing fraud and mitigating financial risk.
- Retaining and archiving historical records to comply with professional licensing standards, state regulatory requirements, and our internal data retention policies after the conclusion of our fiduciary appointment.
- Ensuring compliance with local, state, and federal legal obligations.
4. How We Share Your Information
We do not sell your personal data to anyone. We do not share your Personal Information or Sensitive Personal Information with third parties for cross-context behavioral advertising or marketing. We only share your information to the extent reasonably necessary to carry out our professional fiduciary functions and obligations. We may share information in the following circumstances:
- To Execute Fiduciary Duties: We may share information with banks, financial advisors, CPAs, healthcare facilities, and insurance companies to solicit required services, pay for services, or manage assets on your behalf.
- With Legal and Professional Counsel: We may share data with attorneys, notaries, and court investigators when required to manage estates, file legal petitions, or defend legal actions.
- With Courts and Government Agencies: We will disclose information when compelled by law, court order, subpoena, or when filing required fiduciary accountings and status reports with the courts.
- Business Transfers: In the event that Mia's Fiduciary Services is sold, merged, acquired, or goes out of business, client data and records would transfer ownership to the successor entity as part of that transaction, subject to court approval where required by California probate law.
- With Service Providers: We may share information with trusted third-party vendors who provide essential infrastructure for our business operations, such as secure communication systems (e.g., encrypted email or telephony providers), specialized accounting software, enterprise-grade secure file-sharing platforms, secure data storage solutions, and offsite encrypted disaster recovery solutions. These providers are contractually obligated to protect your data and use it solely to provide the contracted services to our firm.
- With Beneficiaries and Interested Parties: We may disclose specific financial or estate information to beneficiaries, heirs, or other interested parties when we are legally mandated to do so under the terms of a trust, a will, or California probate code.
- To Protect Vital Interests: In emergency situations where you are physically or legally incapacitated, we may share critical health or personal information with emergency responders or medical personnel to protect your vital interests and physical safety.
- With Your Explicit Consent: We may share your information with any individual or entity when you (or your legally authorized representative) explicitly direct us to do so, either in writing or through a signed release of information.
5. SMS / Text Messaging Policy (A2P 10DLC Compliance)
If you opt in to receive text messages from Mia's Fiduciary Services, we will use your phone number strictly to communicate regarding your case, appointments, or urgent fiduciary matters.
- No Sharing for Marketing: Mobile information, phone numbers, and SMS consent will never be shared with or sold to third parties or affiliates for marketing or promotional purposes.
- Message Frequency & Costs: Message frequency varies based on the needs of your case. Message and data rates may apply.
- Opt-Out & Assistance: You may opt out of receiving text messages at any time by replying "STOP" to any message. For assistance or support, reply "HELP".
6. Data Concerning Minors
Mia's Fiduciary Services does not knowingly collect, share, or sell the personal information of minors under the age of 16 for general commercial purposes. Furthermore, our website and online services are not directed at children under the age of 13. If we discover that we have inadvertently collected personal information from a child under 13 via our website without verifiable parental consent, we will delete that information immediately.
However, we may collect and securely store information regarding minors only when legally required or strictly necessary to perform our fiduciary duties. In these instances, the information is obtained directly from a parent, legal guardian, authorized representative, or pursuant to a court order. Examples include, but are not limited to:
- Administering a Special Needs Trust or standard trust where a minor is a named beneficiary.
- Acting as a court-appointed Guardian of the Estate for a minor.
- Managing inherited assets, tax filings, or healthcare directives on behalf of a minor.
In such legal capacities, the collection of this data is exempt from standard deletion requests if retaining the data is legally required for court accountings, trust compliance, or protecting the minor's vital financial interests.
7. Data Security, Retention, and Liability
Security Measures: We employ commercially reasonable administrative, technical, and physical safeguards designed to protect your Personal Information and Nonpublic Personal Information against unauthorized access, destruction, or alteration. We strive to adhere to industry best practices, including aligning with HIPAA and GLBA standards. Our defense-in-depth approach includes the use of hardware-based multi-factor authentication (MFA) for administrative access, hardware-encrypted local storage architectures, geographically redundant encrypted backups for disaster recovery, dedicated network firewalls, and strict access controls.
Data Retention and Destruction: We retain your personal data only for as long as is strictly necessary to fulfill our legally mandated fiduciary duties, comply with state and federal record-keeping requirements, and resolve any legal disputes. Once the retention period expires, physical documents are securely shredded, and digital records are permanently and securely wiped from our systems.
Breach Notification: In the event of a data breach that compromises the security of your Personal Information or Sensitive Personal Information, we will promptly notify you and the appropriate regulatory authorities as mandated by California law and applicable federal statutes.
Disclaimer of Liability: While we take the security of your data very seriously and utilize advanced network and hardware protections, no method of transmission over the internet or electronic storage is 100% secure. Mia's Fiduciary Services cannot guarantee absolute security. By utilizing our services, you acknowledge that we are not liable for unauthorized access to your data that occurs despite our reasonable security measures, including highly sophisticated cyber-attacks or data breaches originating from third-party institutions (such as banks, courts, medical portals, or enterprise file-sharing vendors) that we must interact with on your behalf.
8. Your Consumer and Privacy Rights
Because of the highly regulated nature of fiduciary services, your data is protected by a combination of state and federal laws. Depending on the type of data we hold and your state of residence, you possess specific rights regarding your information:
8.1 Your California Privacy Rights (CCPA / CPRA)
If you are a California resident, you possess specific rights regarding your personal information:
- Right to Know: You may request disclosure of the specific pieces and categories of personal information we have collected about you, the sources, and the business purpose for collection.
- Right to Delete: You may request the deletion of your personal information. Note: As a fiduciary business, many deletion requests may be legally denied if we are required to retain the data to comply with court orders, probate laws, tax audits, Professional Fiduciaries Bureau licensing and ethical mandates, or to complete the transaction for which the data was collected.
- Right to Correct: You may request the correction of inaccurate personal information we hold about you.
- Right to Limit the Use of Sensitive Personal Information (SPI): You have the right to direct us to limit the use of your SPI to that which is strictly necessary to perform our services. (As stated, Mia's Fiduciary Services already limits the use of your SPI exclusively to providing your requested fiduciary services.)
- Right to Opt-Out of Sale/Sharing: You have the right to opt out of the sale or sharing of your data. (As stated, we do not sell or share your data for marketing.)
- Opt-Out Preference Signals / Global Privacy Control (GPC): Under the CPRA, consumers can use an opt-out preference signal, such as the Global Privacy Control (GPC), to automatically communicate their request to opt out. While we do not sell or share your personal information, we will treat a recognized GPC signal from your browser as a valid, verified request to opt out of any such future activity.
- "Do Not Track" (DNT) Signals: CalOPPA requires us to disclose how we respond to older web browser "Do Not Track" (DNT) signals. Because there is not yet a universally accepted standard for how to interpret DNT signals, our website does not currently respond to them. However, we do not engage in cross-site tracking of our users.
- Right to Non-Discrimination: We will not deny you services or charge you different rates for exercising your privacy rights.
- Accessibility: If you have a disability and require this Privacy Policy in an alternative format, please contact us at +1 (510) 822-2001 or email privacyrights@magicmia.net to request an accessible version.
- Right to File a Complaint: If you believe we have violated your rights under the CCPA/CPRA, you have the right to file a complaint with the California Privacy Protection Agency (CPPA) at https://cppa.ca.gov/webapplications/complaint.
How to Exercise Your CCPA/CPRA Rights: To submit a verifiable consumer request regarding your privacy rights, please contact us at:
- Phone: +1 (510) 822-2001
- Email: privacyrights@magicmia.net
- Mailing Address:
  Mia's Fiduciary Services
  1271 Washington Ave. #908,
  San Leandro, CA 94577
We will verify your identity before processing any request using commercially reasonable methods, which may require you to provide government-issued identification or confirm details of your account.
- Authorized Agents: You may designate an authorized agent to make a request on your behalf. To protect your data, we require signed written permission or a valid Power of Attorney authorizing the agent to act for you, and we will independently verify the agent's identity.
- Response Timeline: We strive to respond to verifiable consumer requests within forty-five (45) days of receipt. If we require more time (up to an additional 45 days), we will inform you of the reason and extension period in writing.
8.2 Financial Privacy Rights (GLBA & CalFIPA)
Because we manage financial assets and provide fiduciary services, much of the data we handle is classified as Nonpublic Personal Information (NPI) and is governed by federal and state financial privacy laws.
- The Right to an Annual Notice: You have the right to receive an annual notice detailing our privacy practices regarding your financial information.
- The Right to Affirmative Consent (Opt-In): Under California law, we will not share your NPI with non-affiliated third parties without your explicit, written, affirmative opt-in consent, except where explicitly permitted or required by law (such as processing a transaction you requested or complying with a court order).
8.3 Healthcare Privacy Rights
Where we collect Protected Health Information (PHI) or Medical Information to execute healthcare powers of attorney, coordinate medical care, or manage a conservatorship, your data is subject to rigorous protections under the Health Insurance Portability and Accountability Act (HIPAA) and the California Confidentiality of Medical Information Act (CMIA).
- Strict Requirement for Written Authorization: Under the CMIA, we will not disclose your medical information to any third party for any purpose outside of executing your healthcare directives, coordinating your medical treatment, or fulfilling a court mandate without your (or your legally authorized representative's) explicit, signed, written authorization. You may revoke this authorization in writing at any time.
- Right to Access, Amend, and Accounting: You have the right to inspect and obtain a copy of your health records, request amendments or corrections to inaccurate medical data, and request an accounting of certain disclosures of your PHI made by our office over the past six years.
- Right to Request Restrictions and Confidential Communications: You have the right to request that we restrict how we use or disclose your PHI for treatment or healthcare operations. While we are not legally required to agree to all restriction requests, we will comply whenever possible. You also have the right to request that we communicate with you about medical matters in a certain way or at a specific location (e.g., only calling your mobile phone).
- Right to Notice of a Breach: You have the right to be notified promptly if a breach occurs that may have compromised the privacy or security of your unsecured PHI.
- Right to File a Complaint: If you believe your healthcare privacy rights have been violated, you have the right to file a formal complaint with our office, the California Attorney General, or the Secretary of the U.S. Department of Health and Human Services (HHS). Mia's Fiduciary Services will never retaliate against you for filing a complaint.
9. Changes to This Privacy Policy
We reserve the right to update, amend, or modify this Privacy Policy at any time and at our sole discretion to reflect changes in our business practices, legal requirements, or regulatory frameworks.
- Website Visitors and General Inquiries: Any changes will be effective immediately upon posting the revised Privacy Policy on our website. We will indicate that updates have been made by changing the "Last Updated" and "Effective" dates at the top of this document. We encourage you to review this page periodically. Your continued use of our website or services following the posting of changes constitutes your acknowledgment and acceptance of those changes.
- Active Fiduciary Clients: If we make material changes to how we collect, use, or share your Personal Information or Nonpublic Personal Information, we will provide you with direct notice as required by applicable state and federal laws (such as through a secure client portal notification, email, or your annual administrative disclosures).
10. Contact Information
If you have any questions, concerns, or complaints regarding this Privacy Policy, our data collection practices, or how we safeguard your information, please contact us at:
- Phone: +1 (510) 822-2001
- Email: privacyrights@magicmia.net
- Mailing Address:
  Mia's Fiduciary Services
  1271 Washington Ave. #908,
  San Leandro, CA 94577